Port 5555 is open

Posted on 2007-07-28
Medium Priority
Last Modified: 2008-01-09
I have scanned one the servers in our organisation with LANGuard Security Scanner 7.0 and It showing that port 5555 is open and this port may be opened by trojan W32.Mimail.P@mm as shown below

Backdoors - Open ports commonly used by trojans (1)
5555 [Description: W32.Mimail.P@mm / Service: Unknown

What to do to block this port ????
Question by:bader3111
LVL 29

Accepted Solution

Alan Huseyin Kayahan earned 1500 total points
ID: 19584469
     Hi bader3111
        An open port is not an autonomous object, and should not be considered as something which can be destroyed by closing it. If a port is open on your computer, it means that there is an active program using this port number to communicate with other computers on the web. A port isn't opened by the operating system, it's opened by a specific program wanting to use it. That means W32.Mimail.P@mm may be active in your computer.

1. Click Start, point to All Programs, then Accessories, then Communications then Network Connections. (Or you can right click My Network Places on the desktop and choose Properties).
2. Right-click the Local Area Network or the connection you are using, then click Properties.
3. Click the Advanced tab, and then click Settings.

Note: The Settings button is unavailable when ICF is disabled and all ports are already open.

4. Click Add to open a new port.
5. In the Description box, type a name. For example, type: File & Printer.
In the Name or IP address of the computer hosting this service on your network box, type
6. In both the External and Internal port boxes, type the port number.
7. Click either TCP or UDP, and then click Ok.
8. Repeat steps 4 - 8 and allow the appropriate ports to be open for file and printer sharing. To allow file and print sharing traffic, create and enable the following service definitions. In the External and Internal Ports, allow these ports: UDP 137, UDP 138, UDP 445, and TCP 139, and TCP 445

LVL 27

Expert Comment

ID: 19584554
Download the free prevx2 to scan you system, it should be able to remove the trojan thus closing the port.

PREVX 2.0 is the most powerful security solution in the World.It safeguards your PC and personal information from theft and attack by Spyware, Rootkits, Trojans, Viruses, Bots, Adware and all other forms of Malware and Crimeware.



Author Comment

ID: 19584625
hi , MrHusy:

Thank you for help. I've done the settings you mentioned and i scan the server again , It is ok now the port is blocked . This problem is solved .

But it is showing ports 110 POP3 , 21 FTP and 25 SMTP are open . The server is application server , Is it recommended to close these ports or not ???? and how to close to them ?????

Thank you

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The article covers five tools all IT professionals should know about, as they up productivity by a great deal!
A new hacking trick has emerged leveraging your own helpdesk or support ticketing tools as an easy way to distribute malware.
The viewer will learn how to successfully create a multiboot device using the SARDU utility on Windows 7. Start the SARDU utility: Change the image directory to wherever you store your ISOs, this will prevent you from having 2 copies of an ISO wit…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

578 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question